Strong privacy and security are among the many selling points of an iPhone. But what if I told you that your iPhone isn't as secure as advertised? I'm saying so because the FBI recently identified a bug in iPhones that allowed them to view messages received on the Signal app.
The Signal app is private, but what about your iPhone?
Signal is one of the most popular privacy-focused messaging apps, which come with end-to-end encryption support. This basically means that a message can only be read by the sender and the receiver. It also offers a disappearing messages feature, which makes the platform even more private by automatically deleting messages after a set time.
Recommended For You
However, the FBI was reportedly able to read a suspect's Signal message on an iPhone. Does that mean Signal is falsely advertising its privacy features and that it doesn't really offer end-to-end encryption? That's definitely not the case, as everything relates to how iPhones handle message notifications.
The FBI reportedly viewed the messages received on Signal by extracting them from the push notification database of the suspects' iPhone. What's even scarier is that these messages were configured to disappear, but they remained in the database, even after the Signal app was deleted from the phone.
Since the data has been extracted from the notification database, it suggests that information about any app that supports push notifications can also be easily accessed. For instance, if you have push notifications enabled for Instagram, anyone with the necessary technical knowledge can access the database and view all the messages you have received.
That said, the security flaw allowed the FBI to view only received messages on Signal. Sent messages remained private.
Which private messaging app do you really trust with your secrets?
Change this Signal setting to make your chat more private
Notification settings of the Signal app. | Image by PhoneArena
Soon after the news broke, Signal Foundation President Meredith Whittaker shared her views in a post on X. She stated, "Notifications for deleted messages shouldn't remain in any OS notification database."
She also shared a workaround that Signal users can follow. Here's what you need to do:
Open the Signal app, tap the profile icon in the top-left corner, and select Settings
Under the Notification Content section, choose between the "No name or content" or "Name only" option.
Selecting the first option will ensure that your iPhone push notification only shows that you have received a message on Signal, but not the message content or the person from whom you have received the message. The "Name Only" option will configure your iPhone to show only the name of the person from whom you have received the message in the push notification, but not its content.
Apple has addressed the loophole
Notifications for deleted messages shouldn't remain in any OS notification database, and we've asked Apple to address this.
In the meantime, you can prevent any preview text from your Signal messages from appearing in your notifications.
Meredith Whittaker mentioned in her post that her team had asked Apple to address this security flaw. Almost two weeks after this news went online, Apple shared that it had finally patched the bug with iOS update 26.4.2.
The release notes say that the company has resolved the issue where the "notifications marked for deletion could be unexpectedly retained on the device." This basically means that Signal chats would remain private as they should have always been. The update is available for iPhone 11 and later devices.
Are your messages really private?
Honestly, I have been covering smartphones for many years now, and I wasn't aware that push notification databases were even a thing. But if you give it a thought, you will realize that it actually makes sense because all the notifications remain in the notification center until you manually tap and check them out or swipe and remove them.
All that said, I believe features like end-to-end encryption will not be of any use if they don't get the required support from the operating system. There wasn't any issue with the privacy factor of the Signal app in this case, but rather a loophole in how private messages are managed in iOS that allowed the FBI to extract the messages.
The issue came to attention when the FBI exploited it. But it's also hard to deny the possibility of some malicious agent having taken advantage of it in the past to check out messages that were supposed to be private.
Get Visible as low as $20/mo for 1 year. Limited time offer with code: FRESHSTART
$20
/mo
$25
$5 off (20%)
Offer Ends 6.1.2026 at 11.59pm ET. New members get $5/mo off the $25/mg Visible plan, $35/mo Visible+ plan, or $45/mo Visible+ Pro plan for the first 12 months. Promo code FRESHSTART required at checkout.
Aman Kumar is a tech news writer with a long-standing passion for smartphones. Aman specializes in everything smartphones, from AI features like Pixel’s Camera Coach to understanding ideal hardware combinations. He loves breaking down complex features in a simple, clear way and hopes manufacturers bring back bold designs like the Nokia N-Gage. When he’s not writing, he’s either gaming on PUBG or talking fitness as a dedicated gym enthusiast.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts:
New accounts created within the last 24 hours may experience restrictions on how frequently they can
post or comment.
These limits are in place as a precaution and will automatically lift.
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
Things that are NOT allowed:
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts: